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for law enforcement and cybersecurity professionals when 


investigating and combating cybercrime. The complexity of decentralized applications 


(DApps) without centralized servers further complicates evidence certification. Although 
anonymity features to protect privacy, they impede the establishment of connections 


Keywords: ahs PRES ; ; 

Anonymous between digital accounts and real-world identities. In centralized server environments, data 
SOMmUniCAlon access for investigations is relatively straightforward. However, this study reveals that 
Mecentcalized DApps present challenges due to decentralized control, anonymity, encrypted 


application, DApps communication, and jurisdictional issues. DApps designed for anonymous communication 


OSINT, cybercrime 
investigation, digital 


allow users to interact without revealing their identities, making it challenging to trace 
criminals. While cybercrime investigations in centralized environments involve systematic 


evidence, digital evidence collection, correlation, analyzing communication patterns, collaboration with 


FOTeRRICS. agencies, tracking IP addresses, legal authorization, and forensic analysis of digital devices, 


DApps-based investigations require vital intelligence gathering through open-source 
techniques (OSINT). This includes retrieving digital footprints, analyzing social media 
profiles, and tracing ownership information. Moreover, investigators may exploit human 
vulnerabilities, engage in deceptive communication, or use social engineering techniques to 
gather information while carefully considering the balance between user privacy and 
investigative requirements. In this study, we explore the many facets of anonymity in 
DApps and what challenges they impose for the investigation of cybercrime. The 
anonymity of users and their transactions in the context of new blockchain and 
decentralized technology presents difficulties for law enforcement. In the end, our research 
helps shed light on the complex relationship between anonymity in decentralized systems 
and the need for fairness online. 


Introduction professionals (Raj, 2019). The encryption and anonymity 


In today's digital age, the alarming prevalence of 
cybercrime through anonymous communication apps 
raises serious concerns for every internet user. Criminals 
exploit the anonymity offered by these apps and networks 
and engage in various illicit activities, evading 
identification and location tracking. While anonymity 
features protect privacy, facilitate free expression, and 
enable whistleblowing or reporting sensitive information 
without fear of retribution, they also impose significant 
challenges in investigating and combating cybercrime for 


law enforcement agencies and _— cybersecurity 


provided by such platforms make it challenging to trace 
the origin of attacks and identify the perpetrators (Wu et 
al., 2021). Extracting evidence from these devices 
becomes crucial in identifying and _ prosecuting 
cybercriminals involved in hacking, cyber espionage, 
identity theft, online fraud, and other illicit activities. 
However, even after extracting digital evidence from 
devices used in anonymous communication during such 
criminal activities, establishing a connection between a 
digital account or online identity and a real person in the 


physical world remains a common challenge. This 
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challenge is further amplified in the context of 
applications (DApps) 


cybercrime cases, as there is no centralized server to 


decentralized involved in 
certify the evidence or support investigating agencies 
(Alabdulwahhab, 2018; Cai et al., 2018). Moreover, if 
DApps allow users to interact using pseudonyms or 
without revealing their real identities, their anonymity 
poses difficulties 
establishing links between specific individuals and their 
actions on the DApps. 

Cybercrime investigation procedure in centralized 
server environment 


additional for investigators in 


Cybercrime investigation procedures necessitate a 
systematic and methodical approach to acquiring 
evidence, analyzing data, and identifying perpetrators 
engaging in criminal activities through digital means. The 
specific steps involved in these procedures can vary, 


including law enforcement agencies, cybersecurity firms, 
and international partners, as cybercriminals frequently 
operate across borders (Chang, 2017; Redford, 2011). 
This collaborative approach involves sharing information, 
exchanging intelligence, and coordinating joint efforts to 
track and apprehend suspects effectively (Wang et al., 
2021). Investigators may approach an intermediary to 
assist the investigation by providing information or logs 
related to the attacker's account or activities (Sorban, 
2019). IP addresses serve as valuable clues that can guide 
investigators to the origin of cybercrime. By tracing these 
addresses and collaborating with ISPs, investigators 
endeavor to unveil the physical location or user 
associated with malicious activities, though challenges 
may arise if the attacker conceals their real IP or employs 
a botnet, proxy servers, VPN, etc. (Jordan, 2020; Kesari 
et al., 2017; Shah and Chudasama, 2021). Investigators 
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Figure 1. Centralized server-based data request 


contingent upon the nature and complexity of the 
cybercrime under investigation, but they generally adhere 
to a core set of critical principles (Chougule et al., 2022; 
Hunton, 2011; Jeffries and Apeh, 2020).Gathering Digital 
Evidence: Immediately at the complainant's end, it is 
essential to collect digital evidence entails analyzing logs, 
extracting data, examining communication records, and 
preserving files with utmost forensic integrity to ensure 
its admissibility in legal proceedings(Granja and Rafael, 
2017; Reedy, 2020). 

Investigators analyze the gathered digital evidence 
like identifying patterns, timestamps, and _ event 
sequences that can provide insights into the attacker's 
actions to establish connections and correlations between 
different pieces of data and make it acceptable in a court 
of law (Yeboah-Ofori and Brown, 2020). Investigators 
trace digital footprints left by cyber criminals through 
communication patterns, analyzing channels like e-mails, 
instant messages, and social media interactions to 
uncover potential leads and link attackers to that 
cybercrime (Schwerha, 2004). Cybercrime investigations 
often necessitate collaboration with diverse entities, 
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may use open-source intelligence techniques or tools to 
trace the perpetrators. Various tools and Linux distro are 
publicly available for investigators and digital forensics 
experts in this regard. Investigators use forensic 
techniques to extract, analyze, and interpret data from 
various sources. This involves examining file systems, 
network logs, memory dumps, and metadata to 
reconstruct the events leading to the cybercrime 
(Caviglione et al., 2017; Patil et al., 2022). Therefore, in 
the case of centralized environment, LEAs may approach 
the intermediary servers to provide the information about 
the perpetrator. 
Investigation challenges involving centralized server- 
based cases 

Several challenges arise in cybercrime investigations 
involving centralized servers, including jurisdictional 
issues due to varying laws across countries. Accessing 
data or cooperation from server operators in different 
jurisdictions can be difficult. Moreover, the vast amount 
of user data stored on these servers raises concerns about 
data privacy and protection, requiring investigators to 
comply with relevant laws. Even with user registration, 
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cybercriminals can use fake credentials or anonymous 
accounts, leading to difficulties in identifying them. 
Tracing anonymous accounts and linking them to specific 
individuals requires meticulous investigation, 
collaboration with service providers, and data analysis. 
Data encryption on centralized servers can also hinder 
investigations, as decryption is time-consuming and only 
sometimes feasible. Preserving evidence becomes critical 
as cybercriminals may swiftly delete incriminating data 
upon detecting ongoing investigations. Law enforcement 
agencies (LEAs) must act swiftly to preserve data and 
issue legal requests before permanently deleting relevant 
information. 

Furthermore, the lack of specialized technical 
expertise in digital forensics, data analysis, and network 
security presents significant challenges for LEAs in 
effectively tackling online cybercrime cases. Using 
anonymizing operating systems like Whonix and Tails, 
which employ the Tor network to route internet traffic 
through multiple relays, further complicates 
investigations (Goohs Jr, 2021; Ranakoti et al., 2017). 
These systems enhance user privacy by utilizing 
pseudonyms, obfuscating IP addresses, and employing 
encrypted communication channels with added layers of 
complexity and data fragmentation across multiple virtual 
machines (VMs) and nodes. However, there may still be 
novel ways to find this hidden information, so the 
investigators should explore the possibilities (Nurmi & 
Niemela, 2017). As a result, data retrieval and correlation 
become more challenging for investigators, ultimately 
protecting users' online activities but posing significant 
obstacles for cybercrime investigators. 

Addressing these challenges necessitates a 
comprehensive approach involving — continuous 
collaboration between law enforcement agencies (LEAs), 
international cooperation agreements, technological 
investments, legal reforms, and robust investigator 
training programs. Equipping investigators with the 


necessary skills to navigate the complexities of 
cybercrime investigations within centralized servers is 
essential. Striking a delicate balance between 


safeguarding user privacy and effectively combating 
cybercrimes is crucial for ensuring public safety in the 
digital era. The rapidly evolving nature of centralized 
servers and associated technologies introduces new 
features, encryption methods, and security measures that 
may impede investigations. To stay effective, LEAs must 
stay updated on technological advancements, invest in 
ongoing training, and collaborate with experts to adapt to 
these dynamic landscapes. 
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Centralized & Decentralized applications 

DApps for communication signify a paradigm shift 
from reliance on Trusted Third Parties (TTP) to 
decentralized, trust-based applications _ utilizing 
blockchain technology, fundamentally shaping our digital 
interactions (Pop et al., 2020; Yue et al., 2021). In 
contrast to conventional communication apps that depend 
on centralized servers and intermediaries, DApps employ 
blockchain or peer-to-peer networks, enabling direct 
communication between users and _ guaranteeing 
heightened privacy, security, and _ resistance to 
censorship. These DApps exhibit enhanced resilience and 
autonomy by eliminating single points of failure, 
empowering users to regain control over their data and 
communications (Petcu et al., 2023). Moreover, DApps 
possess the capacity to transcend geographical barriers, 
functioning without intermediaries, making them a 
compelling option for future global, decentralized 
communication networks. However, it is essential to 
acknowledge that while blockchain-empowered 
decentralized apps can bring numerous positive impacts, 
their utmost privacy features might also create a safe 
environment for illicit users engaging in illegal activities. 

Centralized servers offer easier data accessibility for 
investigating agencies as data is stored in one location, 
the 
information. They retain data for extended periods, aiding 
investigations, and have clear 


allowing cooperation with server owner for 
retrospective 
accountability. Legal compliance is more straightforward, 
but they are vulnerable to single points of failure. In 
contrast, decentralized servers complicate data access 
with distributed storage, prioritize user privacy and 
anonymity, and may lack a central authority for legal 
requests. Data retention can be shorter, and while 
distributed security is more robust, tracing malicious 
activities becomes challenging for investigators. The 
development of DApps has led to the emergence of 
various innovative contract platforms like Binance Smart 
Chain, EOSIO, TRON, Fantom, Polygon, 
Avalanche, etc. However, there is no straightforward way 
to compare the entire DApps ecosystem of each platform 


(Zheng et al., 2023). 


Solana, 


Decentralized applications (DApps) for 
Communication — LEAs perspective 

Decentralized communication applications present 
unique challenges and considerations in the context of 
investigation and law enforcement activities as they offer 
enhanced security and anonymity for every user. Striking 
a balance between user privacy and the need for effective 
law enforcement is a complex challenge in the evolving 
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digital landscape. LEAs must adapt their investigative 
strategies, collaborate with experts, and explore novel 
methods to investigate DApps-related criminal activities 
in a rapidly evolving digital landscape. DApps can 
implement secure messaging and communication 
protocols, ensuring that conversations between protected 
users from eavesdropping and tampering, along with 
many other technical features possible in DApps 
(Abdulaziz et al., 2018; Shen et al., 2021). 


With so many anonymity features available, it is 
pertinent to mention that illicit users will be attracted to 
Daps for committing online crimes. In DApps, just like in 
any other online environment, cyber frauds can manifest 
in various forms, and some of these are as mentioned 
below. 

Role of DApps in anonymous communication 

One of the most significant roles of DApps is enabling 

anonymous communication, allowing users to interact 


Table 1. DApps features and investigation challenges 


Particulars LEAs - challenges in investigation 


Decentralized Control 


The lack of a single entity or central server may hinder ongoing investigative 
methods that rely on centralized servers to retrieve evidence. Moreover, in 
case of a requirement to remove unwanted content or block unwanted apps. 


Anonymity and Features offering pseudonyms may motivate illicit users to migrate, as this 
Pseudonymity anonymity can facilitate criminal behavior and hinder attribution. 

Encrypted While this protects user privacy, it can also hinder LEAs from intercepting 
Communication and accessing communications related to criminal activities. 


Tracing Transactions 


DApps often involve cryptocurrencies or blockchain technology, making 
financial transactions more challenging to trace. This can hinder efforts to 
follow the money trail and identify financial patterns related to illegal 
activities. 


Jurisdictional Challenges 


DApps work on global platforms, and illicit users may hide their identity 
behind fake details or IP Addresses. 


Time-Sensitive 


DApps may have a time limit in storing the metadata, offering an advantage to 
illicit users. 


Cryptographic protocols 


Public-key cryptography, cryptographic hashing, and symmetric encryption 
ensure secure and confidential data transmission. 


Zero-knowledge proofs 
(ZKPs) 


Zero-knowledge proofs are cryptographic techniques that allow one party (the 
prover) to prove the truth of a statement to another party (the verifier) without 
revealing any additional information. ZKPs can demonstrate knowledge of 
specific data without disclosing the data itself, enhancing privacy in DApps. 


Ring signatures 


Ring signatures enable a user to sign a message on behalf of a group of users, 
making it difficult to determine which specific user in the group performed the 
signing. This feature enhances the anonymity of transactions within DApps. 


Identity solutions 


DApps can leverage decentralized identity solutions, such as self-sovereign 
identity (SSD or decentralized identifiers (DIDs), to create and manage user 
identities in a privacy-preserving manner. 


Table 2. DApps based frauds 


Frauds Types Description 


Scams and Ponzi Malicious actors create fraudulent DApps promising high returns or rewards, 

Schemes deceiving users into investing funds. 

Phishing Attacks Hackers may try to steal sensitive information by creating fake DApps 
interfaces or websites resembling legitimate ones. 

Smart Contract Smart contract code’s vulnerabilities can be exploited to manipulate 

Vulnerabilities transactions, drain funds, or disrupt DApps. 

Pump and Dump Fraudsters spread misleading information to artificially inflate a token's value 

Schemes within a DApps and then profit by "dumping" their holdings, causing significant 
losses for other users. 

Fake Exchanges Fraudulent DApps may pose as cryptocurrency exchanges, enticing users to 
deposit their funds only to have them stolen or lost. 
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Table 3. DApps-based apps — category-wise 


Category | DApps for Anonymity 
Messaging Briar, qTox, Ricochet, Status, Session, Keybase, etc. 
Disposable Messages Session, Status, Element, Briar, Secure Scuttlebutt, DUST, 


Stealthy, etc. 


Anonymous Email Services 


Send Safely, Mail fence, Proton Mail, Cwtch, etc. 


Anonymous Voice Calls 


Ring Confidentiality, Snomed, Tox, Session, Riot.im, Orchid, etc. 


Forums 


Mastodon, Peertube, Zero Talk, Namecoin, etc. 


File sharing 


Onion Share, IPFS, Swarm, Tahoe-LAFS, I2P Torrents, Filecoin, 
Sia, Storj, Bluzelle, Golem, etc. 


Social networks 


Steemit, Minds, Peepeth, Sapien, Indorse, Sphere, LBRY, etc. 


Marketplaces 


Open Bazaar, BitShares, etc. 


Virtual Private Network (VPN) 


KelVPN, Orchid, Mysterium Network, Sentinel, Privatix, Tachyon 
VPN, Substratum, etc. 


and exchange information without revealing their real- 
world identities. As individuals and _ organizations 
become increasingly aware of the value of online privacy 
and secure communication, the popularity of DApps with 
anonymous communication will likely continue growing, 
especially in an era of extensive data collection and 
surveillance. These decentralized solutions offer an 
essential counterbalance to centralized data silos and 
surveillance, empowering users to reclaim control over 
their preserving _ their 
fundamental rights to privacy and freedom of expression. 
Such DApps empower whistleblowers and journalists to 


digital interactions while 


share information securely and confidentially, protecting 
their identities and ensuring the dissemination of 
important news without fear of retaliation. Data, once 
recorded, cannot alter it, ensuring the integrity and 
trustworthiness of the application. 
Types of DApps for anonymous communication 

Some of the DApps are for anonymous 
communication or sharing of data with features like end- 
to-end encryption, pseudonymous usernames, etc. Some 
route all traffic through the Tor network, making it 
difficult for anyone to track who is communicating with 
whom. 
Investigation challenges in DApps in comparison to 
Centralized Server 

The investigation may differ in every case depending 
on the case and the process of committing such crimes. In 
addition, the person involved in any crime may influence 
the types of evidence possible for retrieval in that case. 

However, let us broadly compare the existing 
centralized based server and decentralized based 
the 
Investigation challenges in Decentralized Applications 
(DApps) may differ significantly from those in 
centralized server-based systems. 


environment for investigation procedure. 
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As DApps are working on multiple servers, it may be 
challenging to track down all data or transactions 
involved in a particular case and to bring the same in a 
court-acceptable form. In the case of the intermediate 
LEAS 
information, IP address involved, etc. However, in the 
absence of centralized server in DApps, it is difficult for 


central server, can get user registration 


LEAs to identify the illicit user involved in any crime. In 
addition, most of these DApps are based on blockchain 
technology, which is immutable, so it may not be 
possible to remove or edit data or files as per complains 
received during the investigation. Even after identifying a 
particular account involved in illicit activities, it may be 
tedious to identify the evidence to link that particular 
account with the real-world user. 


Investigation changes for cybercrime involving DApps 
platforms. 

With the increasing adoption of DApps, tackling these 
cyber threats becomes crucial to safeguarding 
decentralised ecosystems’ long-term viability and safety. 
The inherent design of DApps, aimed at enhancing user 
privacy and security, creates complexities that traditional 
investigative approaches may need help to address 
effectively. In order to combat cybercrime in 
decentralized applications, a comprehensive strategy and 
close cooperation between law enforcement agencies and 
technology providers are essential(Dyson et al., 2019; 
Rahmadika et al., 2021). While some DApps store data 
on the blockchain, others may rely on off-chain storage or 
peer-to-peer networks, making data collection and 
preservation complex. When dealing with cases related to 
decentralized applications, a meticulous and _ well- 
organized investigative approach is necessary to gather 
crucial evidence and apprehend the culprits. 
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Centralized Server 


Cybercrime is reported to LEAs 


Initial Response to securing and isolating affected systems and 


preparation for further action. 


Collection and Analysis of Evidences available to understand the 


crime pattern and platform involved. 


Coordinate with centralized server or online platform involved to 


retrieve all possible evidences. 


Analyzing IP addresses, domain registrations, etc. using open-source 
intelligence (OSINT) or other investigative techniques to gather 
information about potential suspects. 


Preserve Chain of Custody and further necessary legal process. 


Figure 2. Comparison of centralized and decentralized investigation 


While DApps provide anonymity at the content level, 
metadata that reveals communication patterns, transaction 
frequency, or timing can be crucial in investigations. 
However, obtaining such metadata is often challenging in 
anonymous DApps environments. 
investigating DApps-based frauds is 


Therefore, 
challenging 
compared to centralized server cases, where officers can 
easily approach well-established communication channels 
of online platforms involved in a crime to obtain 
perpetrator details. Some areas to target or follow while 
investigating cases involving DApps may be as below. 

e Gather information about DApps involved in the crime 

eDocument all evidence about suspicious transactions, 
activities, etc. 

e OSINT for IP Addresses and Geolocation information 
of that account 

e Assistance from DApps developers, cybersecurity / 
forensics experts for further necessary procedures. 

Gathering intelligence using OSINT techniques 

Gathering intelligence through OSINT techniques for 
DApps available 
information from various online sources to gain insights 


involves leveraging __ publicly 
into users, transactions, and related entities within the 
DApps ecosystem. This approach aims to acquire 
valuable data without requiring specialized access or 
hacking. OSINT can track users' digital footprint across 
multiple platforms, providing insights into their interests, 
affiliations, and potential connections(Hwang et al., 
2022). DApps users often maintain online identities on 
various social media platforms. By monitoring these 
profiles, investigators can extract valuable information, 
such as real names, locations, and other personal details 


associated with the digital account. 
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Decentralized Environment 


Cybercrime is reported to LEAs 


Decentralized Network Analysis to identify suspicious 
transactions and activities. 


As centralized server not available, User Identification may 
be challenging due to Pseudonyms. 


Need to develop expertise in analysing blockchain and 
collaborate with technology developers 


Preventive measures using OSINT techniques to monitor 
such digital accounts. 


Additionally, users might engage in discussions or 
seek support on public forums and community platforms, 
offering potential hints about their identity. Investigators 
can cross-reference usernames or email addresses across 
different online services to identify the individuals behind 
specific digital accounts. If users have uploaded profile 
pictures or other images on their DApps accounts, 
conducting a reverse image search can lead to 
discovering other instances of the same image online, 
potentially linking to social media accounts or other 
sources related to the individual. Moreover, OSINT can 
be used to trace ownership information by examining 
publicly available domain registration details of the 
DApps or related websites, potentially revealing the 
actual identity of the account holder (Azad, 2022). 

Regarding payment-related information, transactions 
the blockchain, 
particularly in cryptocurrencies. Although blockchain 
transactions are pseudonymous, OSINT can be applied to 


are often publicly available on 


explore interactions between addresses, uncovering 
transaction patterns or connections with known entities 
that may provide clues about the user's identity. The 
anonymous nature of DApps can make it difficult for 
investigators to verify users' identities, potentially leading 
to false positives or negatives in their investigations. 
Social engineering and targeted operations require careful 
planning and coordination to avoid compromising the 
investigation's integrity or violating the rights of innocent 
users. Depending on the importance of the case and the 
involvement of DApps with anonymous communication, 
investigators may attempt to exploit human 
vulnerabilities to gather information about suspects or 


criminal activities. In this regard, social engineering 
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Description 


CoinDCX CoinDCX reserve the right to freeze an account for fraud prevention while identity checks are 
completed or if compelled to by law enforcement. In order to comply with Indian regulations, 


CoinDCX requires some personal information to verify your account. 


Coinswitch Kuber CoinSwitch Kuber has frozen accounts in the past due to unclear government regulations earlier in 


2022. CoinSwitch Kuber complies with regulations that make KYC mandatory in India. 


ZebPay ZebPay was launched in 2014 and relaunched in India in 2020. ZebPay reserves the right to freeze 


accounts if compelled to by law or governments, but it is unlikely. 


In Paxful all personal accounts have 2FA and OTP. Paxful is a global exchange, they have to comply 
with various regulators. Reserves the right to freeze accounts 


Binance India Binance security protocols include 2FA, secure offline cold storage for most assets, and real-time 


monitoring. They require a photo ID and personal information to verify your account. 


Unocoin Unocoin features like 2FA, and a paper wallet. Unocoin is compliant with Indian regulations, so would 


require some personal information. 


Figure 3. Cryptocurrency Exchanges — terms & conditions 
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techniques may assist the investigator in manipulating 
individuals to reveal sensitive information or perform 
actions that could compromise their security and finally 
retrieve valuable information. 
Further, Investigators 
communication to extract information or entice criminals 
into revealing their identities or intentions. Furthermore, 


may use deceptive 


law enforcement officers or agents may pose as ordinary 
users and get involved within DApps to gain access to 
private groups or criminal networks. Agents may join 
private DApps groups or messaging channels to monitor 
communications, gather evidence, and identify key 
figures involved in criminal activities. Agents may 
engage in targeted communications to provoke criminal 
actors into revealing their intentions or committing illegal 
actions, leading to their eventual arrest. By employing 
these OSINT techniques, investigators can gain valuable 
intelligence about DApps, their users, and their activities, 
facilitating better understanding and __ potential 
investigative efforts within the decentralized ecosystem. 


Digital Devices 
evidence 
In cybercrime investigations involving DApps, digital 


involved and retrievable digital 


evidence is crucial in identifying and prosecuting 
perpetrators. The nature of the DApps and available 
features determine the types of digital evidence that 
investigators can analyze. If the DApps operate on a 
blockchain, all transactions are recorded transparently 
transactions 
investigators 


and immutably. Analyzing blockchain 
associated with the crime can _ help 
understand the flow of funds and identify the involved 
parties. Collecting and presenting such transactions as 
evidence can be vital in building a case. These 
transactions are linked to digital wallet addresses, and 
investigating the ownership and usage of these addresses 
can provide insights into the identities and activities of 
the individuals connected to the cybercrime (Di Stefano, 
2022). Furthermore, reaching out to cryptocurrency 
exchanges might yield additional information, as these 
platforms may collect specific user data during 
registration as per their terms and conditions (Brasse & 
Hyun, 2023). 

In case multiple applications are installed on a single 
device, while DApps themselves may not store IP 
addresses, other associated services or platforms used 
alongside DApps may log IP addresses. These logs can 
be valuable in identifying the users' geographic location 
involved in the cybercrime. Some DApps_ use 


decentralised data storage services (Zheng et al., 2023). 


DOI: https://doi.org/10.52756/ijerr.2023.v32.017 


Examining these services can uncover essential evidence 
related to the case. 
Digital devices and related evidence 

In rare instances, if there is a specific suspect, 
examining their digital devices for various activities such 
as browsing history, files, or communications may reveal 
further evidence to confirm suspicions (Santamaria et al., 
2023). Therefore, investigators can gather the necessary 
evidence to bring cybercriminals to justice by carefully 
analyzing blockchain transactions, IP logs, decentralized 
storage services, and digital devices. We use to and briar 
applications for the analysis of digital evidence and found 
that various types of host-based digital evidence are 
available in the digital device, even after deletion of such 
apps, if the investigator can retrieve the device during 
investigation for retrieval of digital pieces of evidence 
(Abbing et al., 2023; Ermoshina et al., 2016). 


Technological countermeasures: 

The delicate balance between privacy and security 
must be kept in mind while adopting these 
countermeasures to avoid invasive user surveillance and 
protect user privacy rights. Furthermore, new difficulties 
and solutions will arise in anonymity and criminality 
detection in decentralized apps as technology advances. 


Recommendation for LEAs and DApps develops or 
DApps experts 

Balancing investigative needs with user privacy and 
digital rights is a delicate ethical challenge. Investigators 
must navigate the fine line between upholding the law 
and respecting individual privacy in the context of 
DApps. However, in case of illicit activities by any users, 
it is equally essential for the investigator to trace the 
perpetrator and give justice to the victim. In addition, 
addressing challenges due to Anonymous communication 
in the fast-paced nature of decentralized systems requires 
technical expertise, collaboration among international 
agencies, and an updated legal framework. Secondly, 
jurisdictions often have distinct data privacy laws and 
regulations, and the enforcement of these laws can 
conflict when dealing with cross-border data flow on 
DApps. The legal treatment of DApps and 
cryptocurrencies can differ significantly from one 
jurisdiction to another. Some countries have embraced 
blockchain technology and cryptocurrencies, while others 
have imposed strict regulations or outright bans. In cases 
involving cross-border criminal activities or fraud on 
DApps, investigating authorities must seek extraterritorial 
jurisdiction to pursue suspects or enforce legal actions 
outside their jurisdiction. Additionally, as an investigator 
gator should have 


in the technical domain, every investi 
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adequate knowledge of the usage of technical facilities, 
tools and techniques, including various professional 
Linux distro, etc., which may help them proceed and 
collect information about such DApps and illicit activities 
in that DApps. Advancements in digital forensics and 
cooperation between international law enforcement 
agencies are vital for investigating crimes effectively in 


this decentralized and borderless landscape. 


Conclusion 


In conclusion, decentralized anonymous 
communication systems present both challenges and 
legitimate uses. It is clear that while they may be 
exploited for criminal purposes, they also play a crucial 
role in protecting privacy, enabling free expression, and 
facilitating secure communication. Addressing 
cybercrime in DApps requires a multifaceted approach 
that balances preserving privacy rights with the necessity 
for effective law enforcement. Even though DApps offer 
advantages to illicit users engaging in illegal activities, it 
has been demonstrated that investigators can retrieve 
valuable information through targeted investigation 
techniques. For future work, we should focus on 
conducting more detailed digital forensics analyses of 
digital devices involved in DApps activities and 
examining network packets or artifacts. By continuing to 
explore and adapt investigative methodologies, law 
enforcement can better respond to the 


challenges decentralized anonymous 


agencies 
posed by 
communication systems while upholding the principles of 
justice, privacy, and security. 
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